Merge pull request #114 from altlinux/gpsetup_active_backend

Active backend selection fixes in gpupdate-setup
2025-03-21 18:50:38 +03:00 · 2020-09-09 20:53:10 +04:00 · 2020-09-09 20:53:10 +04:00 · b6a41c3843
commit b6a41c3843
parent adea356f1b 564d324b53
9 changed files with 62 additions and 9 deletions
--- a/dist/gpupdate.ini
+++ b/dist/gpupdate.ini
@ -1,4 +1,4 @@
 [gpoa]
-backend = local
+backend = samba
 local-policy = auto

--- a/gpoa/backend/init.py
+++ b/gpoa/backend/init.py
@ -36,8 +36,9 @@ def backend_factory(dc, username, is_machine, no_domain = False):
    if config.get_backend() == 'samba' and not no_domain:
        if not dc:
            dc = config.get_dc()
-            ld = dict({'dc': dc})
-            log('D52', ld)
+            if dc:
+                ld = dict({'dc': dc})
+                log('D52', ld)
        sc = smbcreds(dc)
        domain = sc.get_domain()
        ldata = dict({'domain': domain})
--- a/gpoa/backend/samba_backend.py
+++ b/gpoa/backend/samba_backend.py
@ -74,7 +74,12 @@ class samba_backend(applier_backend):
        Retrieve settings and strore it in a database
        '''
        # Get policies for machine at first.
-        machine_gpts = self._get_gpts(get_machine_name(), self.storage.get_info('machine_sid'))
+        machine_gpts = list()
+        try:
+            machine_gpts = self._get_gpts(get_machine_name(), self.storage.get_info('machine_sid'))
+        except Exception as exc:
+            log('F2')
+            raise exc
        self.storage.wipe_hklm()
        self.storage.wipe_user(self.storage.get_info('machine_sid'))
        for gptobj in machine_gpts:
@ -88,7 +93,12 @@ class samba_backend(applier_backend):
        # Load user GPT values in case user's name specified
        # This is a buggy implementation and should be tested more
        if not self._is_machine_username:
-            user_gpts = self._get_gpts(self.username, self.sid)
+            user_gpts = list()
+            try:
+                user_gpts = self._get_gpts(self.username, self.sid)
+            except Exception as exc:
+                log('F3')
+                raise exc
            self.storage.wipe_user(self.sid)
            for gptobj in user_gpts:
                try:
--- a/gpoa/gpupdate-setup
+++ b/gpoa/gpupdate-setup
@ -69,10 +69,22 @@ def parse_arguments():

    parser_write = subparsers.add_parser('write',
        help='Operate on Group Policies (enable or disable)')
+    parser_set_backend = subparsers.add_parser('set-backend',
+        help='Set or change currently active backend')
    parser_default = subparsers.add_parser('default-policy',
        help='Show name of default policy')
    parser_active = subparsers.add_parser('active-policy',
        help='Show name of policy enabled')
+    parser_active_backend = subparsers.add_parser('active-backend',
+        help='Show currently configured backend')
+
+    parser_set_backend.add_argument('backend',
+        default='samba',
+        type=str,
+        nargs='?',
+        const='backend',
+        choices=['local', 'samba'],
+        help='Backend (source of settings) name')

    parser_write.add_argument('status',
        choices=['enable', 'disable'],
@ -148,6 +160,10 @@ def get_active_policy_name():
    config = GPConfig()
    return os.path.basename(config.get_local_policy_template())

+def get_active_backend():
+    config = GPConfig()
+    return config.get_backend()
+
 def rollback_on_error(command_name):
    '''
    Disable group policy services in case command returns error code
@ -207,6 +223,7 @@ def enable_gp(policy_name, backend_type):
        os.makedirs(etc_policy_dir)

    config.set_local_policy_template(default_policy_name)
+    config.set_backend(backend_type)

    # Enable oddjobd_gpupdate in PAM config
    if not rollback_on_error(cmd_set_gpupdate_policy):
@ -251,6 +268,10 @@ def act_status():
    else:
        print('disabled')

+def act_set_backend(backend_name):
+    config = GPConfig()
+    config.set_backend(backend_name)
+
 def act_write(localpolicy, backend):
    '''
    Enable or disable group policy services
@ -272,6 +293,12 @@ def act_active_policy():
    '''
    print(get_active_policy_name())

+def act_active_backend():
+    '''
+    Print currently configured backend.
+    '''
+    print(get_active_backend())
+
 def act_default_policy():
    '''
    Print default Local Policy template name to stdout
@ -285,10 +312,12 @@ def main():
    action['list'] = act_list
    action['list-backends'] = act_list_backends
    action['status'] = act_status
+    action['set-backend'] = act_set_backend
    action['write'] = act_write
    action['enable'] = act_enable
    action['disable'] = disable_gp
    action['active-policy'] = act_active_policy
+    action['active-backend'] = act_active_backend
    action['default-policy'] = act_default_policy

    if arguments.action == None:
@ -297,6 +326,8 @@ def main():
        action[arguments.action](arguments.localpolicy, arguments.backend)
    elif arguments.action == 'write':
        action[arguments.action](arguments.localpolicy)
+    elif arguments.action == 'set-backend':
+        action[arguments.action](arguments.backend)
    else:
        action[arguments.action]()

--- a/gpoa/locale/ru_RU/LC_MESSAGES/gpoa.po
+++ b/gpoa/locale/ru_RU/LC_MESSAGES/gpoa.po
@ -316,6 +316,12 @@ msgstr "Неизвестный код предупреждения"
 msgid "Unable to refresh GPO list"
 msgstr "Невозможно обновить список объектов групповых политик"

+msgid "Error getting GPTs for machine"
+msgstr "Не удалось получить GPT для машины"
+
+msgid "Error getting GPTs for user"
+msgstr "Не удалось получить GPT для пользователя"
+
 msgid "Unknown fatal code"
 msgstr "Неизвестный код фатальной ошибки"

--- a/gpoa/messages/init.py
+++ b/gpoa/messages/init.py
@ -136,6 +136,8 @@ def warning_code(code):
 def fatal_code(code):
    fatal_ids = dict()
    fatal_ids[1] = 'Unable to refresh GPO list'
+    fatal_ids[2] = 'Error getting GPTs for machine'
+    fatal_ids[3] = 'Error getting GPTs for user'

    return fatal_ids.get(code, 'Unknown fatal code')

--- a/gpoa/util/config.py
+++ b/gpoa/util/config.py
@ -43,7 +43,7 @@ class GPConfig:
                if self.full_config['gpoa']['backend'] in get_backends():
                    return self.full_config['gpoa']['backend']

-        return 'local'
+        return 'samba'

    def set_backend(self, backend_name):
        self.full_config['gpoa']['backend'] = backend_name
--- a/gpoa/util/kerberos.py
+++ b/gpoa/util/kerberos.py
@ -76,9 +76,8 @@ def check_krb_ticket():
        output = subprocess.check_output('klist', stderr=subprocess.STDOUT).decode()
        logging.info(output)
        result = True
+        log('D17')
    except:
        log('E14')

-    log('D17')
-
    return result
--- a/gpoa/util/logging.py
+++ b/gpoa/util/logging.py
@ -52,7 +52,11 @@ class slogm(object):
        #args.update(dict({'timestamp': now, 'message': str(self.message)}))
        args.update(self.kwargs)

-        kwa = encoder().encode(args)
+        kwa = dict()
+        try:
+            kwa = encoder().encode(args)
+        except Exception as exc:
+            pass

        result = '{}|{}|{}'.format(now, self.message, kwa)